Total
2641 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34165 | 1 Huawei | 1 Harmonyos | 2023-06-30 | N/A | 5.3 MEDIUM |
| Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions. | |||||
| CVE-2023-21149 | 1 Google | 1 Android | 2023-06-30 | N/A | 7.8 HIGH |
| In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-270050709References: N/A | |||||
| CVE-2022-30746 | 1 Samsung | 1 Smartthings | 2023-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | |||||
| CVE-2022-0932 | 1 Saleor | 1 Saleor | 2023-06-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2. | |||||
| CVE-2022-0905 | 1 Gitea | 1 Gitea | 2023-06-29 | 5.5 MEDIUM | 7.1 HIGH |
| Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4. | |||||
| CVE-2022-0871 | 1 Gogs | 1 Gogs | 2023-06-29 | 5.8 MEDIUM | 9.1 CRITICAL |
| Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5. | |||||
| CVE-2022-0756 | 1 Salesagility | 1 Suitecrm | 2023-06-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. | |||||
| CVE-2022-0755 | 1 Salesagility | 1 Suitecrm | 2023-06-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. | |||||
| CVE-2022-0726 | 1 Framasoft | 1 Peertube | 2023-06-29 | 5.5 MEDIUM | 5.4 MEDIUM |
| Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. | |||||
| CVE-2022-0179 | 1 Snipeitapp | 1 Snipe-it | 2023-06-29 | 4.9 MEDIUM | 5.4 MEDIUM |
| snipe-it is vulnerable to Missing Authorization | |||||
| CVE-2023-35093 | 1 Stylemixthemes | 1 Masterstudy Lms | 2023-06-28 | N/A | 6.5 MEDIUM |
| Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more. | |||||
| CVE-2022-30731 | 1 Samsung | 1 My Files | 2023-06-28 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application. | |||||
| CVE-2022-23642 | 1 Sourcegraph | 1 Sourcegraph | 2023-06-27 | 6.0 MEDIUM | 8.8 HIGH |
| Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. | |||||
| CVE-2022-39084 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39083 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39082 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39081 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39088 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39087 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||
| CVE-2022-39086 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-06-27 | N/A | 6.7 MEDIUM |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. | |||||